More users are attacked through their email than by all other vectors combined!

Never click on links from unknown or untrusted sources.
Hackers and scammers depend on our habit of clicking on email attachments and links without thinking. Make sure before you click that you know both where the email came from and where the link will take you. Many of the attachments contain malware which--when you double click--installs itself on your computer.
Also, a malicious email is the first step in a phishing scheme, and links are likely to take you to a website whose sole purpose is to steal your personal and financial information. Phishing is when someone pretends to be something they aren’t (a company, your bank, the government) in order to fool you into sharing personal information or resources.

Never open attachments from untrusted or unknown sources.
And be cautious even about attachments from people you know. Although the percentages of spam are dropping, over 50% of all email is spam and, in some sectors—such as government and education—the numbers are much higher. Make sure you scan all email attachments with your antivirus program before you double-click to open them.

Never share your password.
You should never need to tell anyone your email password. If you see an email or message saying someone needs your password, that "someone" is likely a working against your best interest.

Always logout when you are finished with your computer.
If your computer is ever available to people you don't know well, logging out after use may save your account from unwanted trespassers. And you are using a public computer, close the browser in addition to logging out.

Do not reply to spam or other harassing or offensive email.
By responding, you only confirm that you are an actual person with an active email address ...you may then be plagued with even more scams and spam. Just delete it. Or, if your email provider offers this service, mark it as spam or forward it to the customer service department.

Use common sense when you're sending and receiving email.
It is good to maintain a strong sense of skepticism. Always use caution when revealing personal information, such as your social security number or physical address to anyone you communicate with through email, even if they purport to be someone of authority.